Exposure of Elementor
Page builders, WordPress plugins702
exposure score
960,635
sites use
0
exploited
46
critical
CVEs
1,532 resultsCVE-2024-2650MEDIUMEssential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders <= 5.9.11 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-4373MEDIUMSina Extension for Elementor (Slider, Gallery, Form, Modal, Data Table, Tab, Particle, Free Elementor Widgets & Elementor Templates) <= 3.5.3 - Authenticated (Contributor+) Stored Cross-site Scriping via 'Sina Particle Layer'EPSS 0.4%CVE-2024-35725MEDIUMWordPress LA-Studio Element Kit for Elementor plugin <= 1.3.6 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2026-4362MEDIUMElementsKit Elementor Addons <= 3.8.2 - Missing Authorization to Unauthenticated Widget Content OverwriteEPSS 0.4%CVE-2025-68046MEDIUMWordPress Contact Form & Lead Form Elementor Builder plugin <= 2.0.1 - Sensitive Data Exposure vulnerabilityEPSS 0.4%CVE-2024-1377MEDIUMHappy Addons for Elementor <= 3.10.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Author Meta WidgetEPSS 0.4%CVE-2024-4564MEDIUMCoDesigner WooCommerce Builder for Elementor – Customize Checkout, Shop, Email, Products & More <= 4.4.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple WidgetsEPSS 0.4%CVE-2024-10670MEDIUMPrimary Addon for Elementor <= 1.6.2 - Authenticated (Contributor+) Post DisclosureEPSS 0.4%CVE-2024-48045MEDIUMWordPress Happy Elementor Addons plugin <= 3.12.3 - Broken Access Control vulnerabilityEPSS 0.4%CVE-2025-49387CRITICALWordPress Drag and Drop File Upload for Elementor Forms Plugin <= 1.5.3 - Arbitrary File Upload VulnerabilityEPSS 0.4%CVE-2024-54443MEDIUMWordPress Advanced Data Table For Elementor plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2025-24595MEDIUMWordPress All Embed – Elementor Addons plugin <= 1.1.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-8742MEDIUMEssential Addons for Elementor <= 6.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Filterable Gallery WidgetEPSS 0.4%CVE-2024-4374MEDIUMDethemeKit For Elementor <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple WidgetsEPSS 0.4%CVE-2024-3064MEDIUMElementor Addons, Widgets and Enhancements – Stax <= 1.4.4.1 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-4446MEDIUMContent Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) <= 3.7.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via pagingType ParameterEPSS 0.4%CVE-2024-2845MEDIUMBetterDocs – Best Documentation, FAQ & Knowledge Base Plugin with AI Support & Instant Answer For Elementor & Gutenberg <= 3.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via ShortcodeEPSS 0.4%CVE-2024-4329MEDIUMThim Elementor Kit <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via id ParameterEPSS 0.4%CVE-2024-5060MEDIUMLottieFiles – JSON Based Animation Lottie & Bodymovin for Elementor <= 1.10.9 - Authenticated (Contributor+) Stored Cross-Site ScriptingEPSS 0.4%CVE-2024-3929MEDIUMContent Views – Post Grid & Filter, Recent Posts, Category Posts, & More (Gutenberg Blocks and Shortcode) <= 3.7.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Post OverlayEPSS 0.4%
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →